2023 UNIVERSAL REGISTRATION DOCUMENT

General and financial elements

The Insurance Department proposes and implements the Group’s insurance strategy, as validated by Executive Management (see paragraph 2.5, pages 188 to 189).

The business lines carry out their activities based on the principles of action and conduct described in paragraph 2.2.1, page 184. The operational teams in each business line are monitored at several levels: operational management, support functions (management control, quality, safety, information systems) and periodic internal audits. Various committees bring together the personnel involved in decision-making, in particular the VINCI Risk Committee (see paragraph 2.4.3, page 186, for information on how it functions), the business line risk committees, and the cash management committees (see Note J.26 to the consolidated financial statements, pages 356 to 358).

2.3 Risk management

The policy set by VINCI’s Executive Committee aims to comply with legal requirements and to ensure that risks are monitored in as uniform a manner as possible. Risk monitoring is integrated into the reporting process (for accounting and financial, health and safety, social and environmental data) and into the schedules set by the existing procedures related to commitments and periodic monitoring of operations as described in paragraph 2.4 below. Through this approach, VINCI’s Executive Management is informed on risks that have materialised, their consequences and related action plans. Risk maps have been created for the Group’s main business lines and divisions as well as for the holding company, thereby encompassing all of VINCI’s activities, in line with the methodology of the white paper under the title “Mise en œuvre du cadre de référence actualisé de l’AMF” (Implementing the AMF reference framework). These maps are reviewed annually.

The review involves:

  • listing the main sources of identifiable risk, either internal or external, that represent obstacles to the achievement of the Group’s objectives and which can be financial risks, risks to people or reputation risks;
  • assessing risk severity on a qualitative scale, taking into account the potential impact, probability of occurrence and degree of control of the various events constituting risks;
  • implementing proper handling of these risks.

Risk scorecards are created for each business line, based on the principal entities’ risk maps. They are used to present and assess, in a uniform manner, events that might affect projects examined by the VINCI Risk Committee.

2.4 Internal control

The main procedures described below are common to all companies in the Group. They are complemented by specific procedures within each business line, in particular for the monitoring of projects and the preparation of financial and accounting information.

2.4.1 Compliance with laws and regulations

The Legal Department of the holding company is responsible for:

  • maintaining a legislative watch related to the various applicable rules,
  • monitoring major acquisition projects and disputes,
  • informing affected employees about rules pertaining to securities transactions.

The main measures relating to legal and regulatory controls are presented in paragraphs 2.3, “Respect for human rights”, and 2.4, “Business ethics”, of chapter E, “Workforce-related, social and environmental information”, pages 218 to 221.

2.4.2 Application of the guidelines and instructions set out by Executive Management

The Chairman of VINCI Autoroutes, the Chief Executive Officer of VINCI Concessions, the Chairman and Chief Executive Officer of VINCI Energies, the Chief Executive Officer of Cobra IS, the Chairman of VINCI Construction, and the Chairman of VINCI Immobilier exercise the powers given to them by law. Under the Group’s internal organisation, they are also required to comply with the general guidelines issued for them by VINCI’s Chairman and Chief Executive Officer, which were updated in 2019. These apply to the following areas:

  • adherence to the VINCI Manifesto and the guides that explain it, which are accessible on the Group’s website;
  • commitments;
  • reporting to the holding company of accounting and financial information, and information relating to human resources, safety, environment, human rights, disputes and litigation, insurance policies and claims, etc.

These general guidelines include compliance with the Group’s procedures regarding bidding or investments. These procedures define the thresholds above which specific authorisation must be obtained from the appropriate committees, namely the VINCI Risk Committee or the Board of Directors’ Strategy and CSR Committee, or where prior notification must be given to the Chairman and Chief Executive Officer of VINCI and/or to the VINCI functional departments involved. These guidelines are cascaded through the organisation by the heads of the business lines to their operational and functional staff for the provisions concerning them, as well as to managers serving as company officers in the companies in their business line.

2.4.3 Procedures related to commitments and the VINCI Risk Committee

The role of the VINCI Risk Committee is to assess, ahead of the commitment phase:

  • acquisitions and disposals of businesses;
  • the terms and conditions of tenders for construction works which, by virtue of their scale, complexity, specific financing characteristics, location or technical characteristics, entail specific risks, especially those of a technical, legal or financial nature;
  • property development transactions;
  • public-private partnerships (PPPs), concessions or any other long-term commitments.

The monetary thresholds for vetting by the VINCI Risk Committee before a bid is submitted are defined in the general guidelines. Transactions below the level necessitating a review by the VINCI Risk Committee are managed by the business lines and divisions according to their own procedures and delegation of authority; these are consistent with the Group’s reference framework.